diff options
95 files changed, 1083 insertions, 228 deletions
diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index 67ebca544b..eea46c0e51 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -275,6 +275,13 @@ Install RKE Download and install RKE on a VM, desktop or laptop. Binaries can be found here for Linux and Mac: https://github.com/rancher/rke/releases/tag/v1.0.6 +.. note:: + There are several ways to install RKE. Further parts of this documentation assumes that you have rke command available. + If you don't know how to install RKE you may follow the below steps: + + * chmod +x ./rke_linux-amd64 + * sudo mv ./rke_linux-amd64 /user/local/bin/rke + RKE requires a *cluster.yml* as input. An example file is show below that describes a Kubernetes cluster that will be mapped onto the OpenStack VMs created earlier in this guide. @@ -357,6 +364,8 @@ Validate deployment :: + > mkdir -p ~/.kube + > cp kube_config_cluster.yml ~/.kube/config.onap > export KUBECONFIG=~/.kube/config.onap diff --git a/docs/openstack-k8s-controlnode.sh b/docs/openstack-k8s-controlnode.sh index 1d230c2da4..cd219aa56f 100644 --- a/docs/openstack-k8s-controlnode.sh +++ b/docs/openstack-k8s-controlnode.sh @@ -27,5 +27,10 @@ docker login -u docker -p docker nexus3.onap.org:10001 sudo apt-get install make -y +#nfs server +sudo apt-get install nfs-kernel-server -y +sudo mkdir -p /dockerdata-nfs +sudo chown nobody:nogroup /dockerdata-nfs/ + exit 0 diff --git a/kubernetes/common/network-name-gen/requirements.yaml b/kubernetes/common/network-name-gen/requirements.yaml index 8c2277c210..63e13308e9 100644 --- a/kubernetes/common/network-name-gen/requirements.yaml +++ b/kubernetes/common/network-name-gen/requirements.yaml @@ -16,6 +16,9 @@ dependencies: - name: common
version: ~6.x-0
repository: 'file://../common'
+ - name: repositoryGenerator
+ version: ~6.x-0
+ repository: 'file://../repositoryGenerator'
- name: mariadb-galera
version: ~6.x-0
repository: 'file://../mariadb-galera'
diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index c97c0488ac..16d93c6ed3 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -53,7 +53,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }} @@ -62,7 +62,7 @@ spec: args: - '-c' - 'export POL_BASIC_AUTH=`echo -n $POL_BASIC_AUTH_USER:$POL_BASIC_AUTH_PASSWORD | base64`; /startService.sh' - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: SPRING_PROFILE diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index ade8a20df6..d38d6e25cd 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -21,13 +21,6 @@ global: # with other instances running within the same k8s cluster nodePortPrefix: 302 - # image repositories - repository: nexus3.onap.org:10001 - - - # readiness check - readinessImage: onap/oom/readiness:3.0.1 - # image pull policy pullPolicy: IfNotPresent @@ -77,7 +70,6 @@ mariadb-init: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/ccsdk-apps-ms-neng:1.0.2 pullPolicy: IfNotPresent diff --git a/kubernetes/consul/charts/consul-server/templates/statefulset.yaml b/kubernetes/consul/charts/consul-server/templates/statefulset.yaml index 882e98fea3..16fda3a510 100644 --- a/kubernetes/consul/charts/consul-server/templates/statefulset.yaml +++ b/kubernetes/consul/charts/consul-server/templates/statefulset.yaml @@ -41,7 +41,10 @@ spec: - name: "{{ include "common.namespace" . }}-docker-registry-key" containers: - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + runAsGroup: {{ .Values.securityContext.runAsGroup }} command: ["/usr/local/bin/docker-entrypoint.sh"] args: - "agent" diff --git a/kubernetes/consul/charts/consul-server/values.yaml b/kubernetes/consul/charts/consul-server/values.yaml index 0039aa6654..48a26effd7 100644 --- a/kubernetes/consul/charts/consul-server/values.yaml +++ b/kubernetes/consul/charts/consul-server/values.yaml @@ -17,12 +17,13 @@ ################################################################# global: nodePortPrefix: 302 + repository: nexus3.onap.org:10001 ################################################################# # Application configuration defaults. ################################################################# # application image -image: consul:1.0.6 +image: onap/oom/consul:2.1.0 pullPolicy: Always # flag to enable debugging - application support required @@ -86,3 +87,8 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +securityContext: + fsGroup: 1000 + runAsUser: 100 + runAsGroup: 1000 diff --git a/kubernetes/consul/templates/deployment.yaml b/kubernetes/consul/templates/deployment.yaml index be15ecbca6..31546abd49 100644 --- a/kubernetes/consul/templates/deployment.yaml +++ b/kubernetes/consul/templates/deployment.yaml @@ -39,15 +39,36 @@ spec: spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - containers: - - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} + initContainers: + - name: {{ include "common.name" . }}-chown + image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} command: - - /bin/sh - - "-c" + - sh + args: + - -c - | - apk update && apk add jq - cp /tmp/consul/config/* /consul/config - /usr/local/bin/docker-entrypoint.sh agent -client 0.0.0.0 -enable-script-checks -retry-join {{ .Values.consulServer.nameOverride }} + cp -r -L /tmp/consul/config/* /consul/config/ + chown -R {{ .Values.consulUID }}:{{ .Values.consulGID }} /consul/config + ls -la /consul/config + volumeMounts: + - mountPath: /tmp/consul/config + name: consul-agent-config + - mountPath: /consul/config + name: consul-agent-config-dir + containers: + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + runAsGroup: {{ .Values.securityContext.runAsGroup }} + command: + - docker-entrypoint.sh + args: + - agent + - -client + - 0.0.0.0 + - -enable-script-checks + - -retry-join + - {{ .Values.consulServer.nameOverride }} name: {{ include "common.name" . }} env: - name: SDNC_ODL_COUNT @@ -55,14 +76,16 @@ spec: - name: SDNC_IS_PRIMARY_CLUSTER value: "{{ .Values.sdnc.config.isPrimaryCluster }}" volumeMounts: - - mountPath: /tmp/consul/config - name: consul-agent-config + - mountPath: /consul/config + name: consul-agent-config-dir - mountPath: /consul/scripts name: consul-agent-scripts-config - mountPath: /consul/certs name: consul-agent-certs-config resources: {{ include "common.resources" . | nindent 10 }} volumes: + - name: consul-agent-config-dir + emptyDir: {} - configMap: name: {{ include "common.fullname" . }}-configmap name: consul-agent-config diff --git a/kubernetes/consul/values.yaml b/kubernetes/consul/values.yaml index faebd8db52..639e4eb7af 100644 --- a/kubernetes/consul/values.yaml +++ b/kubernetes/consul/values.yaml @@ -17,18 +17,23 @@ ################################################################# global: nodePortPrefix: 302 + busyboxRepository: registry.hub.docker.com + busyboxImage: library/busybox:latest ################################################################# # Application configuration defaults. ################################################################# # application image -image: oomk8s/consul:1.0.0 +image: onap/oom/consul:2.1.0 pullPolicy: Always #subchart name consulServer: nameOverride: consul-server +consulUID: 100 +consulGID: 1000 + # flag to enable debugging - application support required debugEnabled: false @@ -99,3 +104,8 @@ sdnc: config: isPrimaryCluster: true replicaCount: 1 + +securityContext: + fsGroup: 1000 + runAsUser: 100 + runAsGroup: 1000 diff --git a/kubernetes/contrib/Makefile b/kubernetes/contrib/Makefile index 32386fc89a..4d3514618d 100644 --- a/kubernetes/contrib/Makefile +++ b/kubernetes/contrib/Makefile @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,22 +11,41 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := dns-server-for-vhost-ingress-testing ingress-nginx-post-inst metallb-loadbalancer-inst tools HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) -make-contrib: make-contrib-awx make-contrib-netbox make-contrib-ejbca make-contrib-core +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ -make-contrib-awx: - cd components && $(HELM_BIN) dep up awx && $(HELM_BIN) lint awx +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi -make-contrib-ejbca: - cd components && $(HELM_BIN) dep up ejbca && $(HELM_BIN) lint ejbca +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi -make-contrib-netbox: - cd components && $(HELM_BIN) dep up netbox && $(HELM_BIN) lint netbox +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi -make-contrib-core: - $(HELM_BIN) dep up . && $(HELM_BIN) lint . +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) clean: - @find . -type f -name '*.tgz' -delete - @find . -type f -name '*.lock' -delete + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/contrib/components/Makefile b/kubernetes/contrib/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/contrib/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/contrib/components/awx/Makefile b/kubernetes/contrib/components/awx/Makefile index cb88b57fc9..4c79718d02 100644 --- a/kubernetes/contrib/components/awx/Makefile +++ b/kubernetes/contrib/components/awx/Makefile @@ -1,4 +1,4 @@ -# Copyright © 2019 Bell Canada +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,7 +11,41 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := dist resources templates charts docker HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) -make-awx: - cd charts && $(HELM_BIN) dep up awx-postgres +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/contrib/components/awx/charts/awx/values.yaml b/kubernetes/contrib/components/awx/charts/awx/values.yaml deleted file mode 100755 index fd77a12c0b..0000000000 --- a/kubernetes/contrib/components/awx/charts/awx/values.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright © 2019 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: # global defaults - nodePortPrefixExt: 304 - persistence: {} - -# application image -repository: ansible -image: - web: awx_web:9.0.1 - task: awx_task:9.0.1 - rabbitmq: awx_rabbitmq:3.7.4 - memcached: memcached:1.5.20 -pullPolicy: Always - -# application configuration -config: - postgresUser: awx - postgresPassword: awx - postgresDB: awx -# RabbitMQ Configuration - rabbitmqUser: awx - rabbitmqPassword: awxpass - rabbitmqVhost: awx - rabbitmqErlangCookie: cookiemonster3 -# This will create or update a default admin (superuser) account in AWX, if not provided -# then these default values are used - awxAdminUser: admin - awxAdminPassword: password - awxAdminEmail: cds@onap.org -# AWX Secret key -# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt -# your credentials - secretKey: awxsecret - -ingress: - enabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - enabled: true - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - - # Uncomment the storageClass parameter to use an existing PV - # that will match the following class. - # When uncomment the storageClass, the PV is not created anymore. - - # storageClass: "nfs-dev-sc" - - accessMode: ReadWriteOnce - size: 5Gi - - # When using storage class, mountPath and mountSubPath are - # simply ignored. - - mountPath: /dockerdata-nfs - mountSubPath: awx/pgdata - -service: - rmqmgmt: - type: ClusterIP - portName: rmqmgmt - internalPort: 15672 - externalPort: 15672 - web: - type: NodePort - portName: web - internalPort: 8052 - externalPort: 80 - nodePort: 78 - rabbitmq: - type: ClusterIP - http: - portName: http - internalPort: 15672 - externalPort: 15672 - amqp: - portName: amqp - internalPort: 5672 - externalPort: 5672 - -resources: {} diff --git a/kubernetes/contrib/components/awx/components/Makefile b/kubernetes/contrib/components/awx/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/contrib/components/awx/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml index e30faf275e..e30faf275e 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/requirements.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/requirements.yaml new file mode 100755 index 0000000000..a93a429647 --- /dev/null +++ b/kubernetes/contrib/components/awx/components/awx-postgres/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt b/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt index 3ab092e848..3ab092e848 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt +++ b/kubernetes/contrib/components/awx/components/awx-postgres/templates/NOTES.txt diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml index 6b3ca1a9d0..c0c6b914fb 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml index bfe63abafe..bfe63abafe 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pv.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml index e12dabf175..e12dabf175 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/templates/pvc.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml index f560417425..f560417425 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/templates/service.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml index 09012ead47..a7234caceb 100755 --- a/kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml @@ -21,7 +21,6 @@ global: # global defaults persistence: {} # application image -repository: docker.io image: postgres:10.4-alpine pullPolicy: Always diff --git a/kubernetes/contrib/components/awx/requirements.yaml b/kubernetes/contrib/components/awx/requirements.yaml index a748affaac..5eda4dbe7e 100755 --- a/kubernetes/contrib/components/awx/requirements.yaml +++ b/kubernetes/contrib/components/awx/requirements.yaml @@ -15,4 +15,10 @@ dependencies: - name: common version: ~6.x-0 - repository: '@local'
\ No newline at end of file + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' + - name: awx-postgres + version: ~6.x-0 + repository: 'file://components/awx-postgres' diff --git a/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py b/kubernetes/contrib/components/awx/resources/config/credentials.py index 85808d10d4..85808d10d4 100644 --- a/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py +++ b/kubernetes/contrib/components/awx/resources/config/credentials.py diff --git a/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh b/kubernetes/contrib/components/awx/resources/config/environment.sh index b9d01d079c..b9d01d079c 100644 --- a/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh +++ b/kubernetes/contrib/components/awx/resources/config/environment.sh diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/templates/configmap.yaml index 9bc62b0856..9bc62b0856 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml +++ b/kubernetes/contrib/components/awx/templates/configmap.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml b/kubernetes/contrib/components/awx/templates/job.yaml index 74c02bcd5f..f974f446c2 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml +++ b/kubernetes/contrib/components/awx/templates/job.yaml @@ -37,7 +37,7 @@ spec: restartPolicy: Never initContainers: - name: {{ include "common.name" . }}-init-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /app/ready.py @@ -53,7 +53,7 @@ spec: containers: - command: ["/bin/sh","-c"] args: ["/etc/tower/job-entrypoint.sh"] - image: "{{ .Values.repository }}/{{ .Values.image.task }}" + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-mgnt resources: diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml b/kubernetes/contrib/components/awx/templates/secret.yaml index 642f779214..642f779214 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml +++ b/kubernetes/contrib/components/awx/templates/secret.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/service.yaml b/kubernetes/contrib/components/awx/templates/service.yaml index 10f031da82..10f031da82 100755 --- a/kubernetes/contrib/components/awx/charts/awx/templates/service.yaml +++ b/kubernetes/contrib/components/awx/templates/service.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml b/kubernetes/contrib/components/awx/templates/serviceaccout.yaml index 0f52ce800a..0f52ce800a 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml +++ b/kubernetes/contrib/components/awx/templates/serviceaccout.yaml diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/templates/statefulset.yaml index 6023bb4fdb..46747cd85f 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml +++ b/kubernetes/contrib/components/awx/templates/statefulset.yaml @@ -44,7 +44,7 @@ spec: initContainers: - name: {{ include "common.name" . }}-init-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /app/ready.py @@ -60,7 +60,7 @@ spec: containers: - - image: "{{ .Values.repository }}/{{ .Values.image.web }}" + - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.web }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-web ports: @@ -88,7 +88,7 @@ spec: - name: AWX_SKIP_MIGRATIONS value: "1" - image: "{{ .Values.repository }}/{{ .Values.image.task }}" + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-celery resources: @@ -127,7 +127,7 @@ spec: - name: K8S_SERVICE_NAME value: {{ include "common.servicename" . }}-rabbitmq - image: "{{ .Values.repository }}/{{ .Values.image.rabbitmq }}" + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.rabbitmq }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-rabbit livenessProbe: @@ -165,7 +165,7 @@ spec: - mountPath: /etc/rabbitmq name: rabbitmq-config - - image: "{{ .Values.image.memcached }}" + - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.memcached }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-memcached resources: diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml index 1ed35c2c23..a29866da9a 100755 --- a/kubernetes/contrib/components/awx/values.yaml +++ b/kubernetes/contrib/components/awx/values.yaml @@ -12,28 +12,100 @@ # See the License for the specific language governing permissions and # limitations under the License. -################################################################# -# Global configuration defaults. -################################################################# -global: - readinessRepository: nexus3.onap.org:10001 +# Default values for mariadb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: # global defaults nodePortPrefixExt: 304 commonConfigPrefix: awx - readinessImage: onap/oom/readiness:3.0.1 + persistence: {} -################################################################# -# Application configuration defaults. -################################################################# # application image -repository: hub.docker.io +image: + web: ansible/awx_web:9.0.1 + task: ansible/awx_task:9.0.1 + rabbitmq: ansible/awx_rabbitmq:3.7.4 + memcached: memcached:1.5.20 pullPolicy: Always +# application configuration +config: + postgresUser: awx + postgresPassword: awx + postgresDB: awx +# RabbitMQ Configuration + rabbitmqUser: awx + rabbitmqPassword: awxpass + rabbitmqVhost: awx + rabbitmqErlangCookie: cookiemonster3 +# This will create or update a default admin (superuser) account in AWX, if not provided +# then these default values are used + awxAdminUser: admin + awxAdminPassword: password + awxAdminEmail: cds@onap.org +# AWX Secret key +# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt +# your credentials + secretKey: awxsecret + +ingress: + enabled: false + # default number of instances replicaCount: 1 + nodeSelector: {} + affinity: {} -ingress: - enabled: false +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + enabled: true + +## Persist data to a persitent volume +persistence: + enabled: true + volumeReclaimPolicy: Retain + + # Uncomment the storageClass parameter to use an existing PV + # that will match the following class. + # When uncomment the storageClass, the PV is not created anymore. + + # storageClass: "nfs-dev-sc" + + accessMode: ReadWriteOnce + size: 5Gi + + # When using storage class, mountPath and mountSubPath are + # simply ignored. + + mountPath: /dockerdata-nfs + mountSubPath: awx/pgdata + +service: + rmqmgmt: + type: ClusterIP + portName: rmqmgmt + internalPort: 15672 + externalPort: 15672 + web: + type: NodePort + portName: web + internalPort: 8052 + externalPort: 80 + nodePort: 78 + rabbitmq: + type: ClusterIP + http: + portName: http + internalPort: 15672 + externalPort: 15672 + amqp: + portName: amqp + internalPort: 5672 + externalPort: 5672 resources: {} diff --git a/kubernetes/contrib/components/ejbca/requirements.yaml b/kubernetes/contrib/components/ejbca/requirements.yaml index e87bc08da3..00542037af 100644 --- a/kubernetes/contrib/components/ejbca/requirements.yaml +++ b/kubernetes/contrib/components/ejbca/requirements.yaml @@ -23,3 +23,6 @@ dependencies: version: ~6.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index 55de54febf..a10b0592de 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -40,11 +40,11 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }}-ejbca - image: {{ .Values.ejbca.image }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.ejbca.image }} imagePullPolicy: {{ .Values.pullPolicy }} lifecycle: postStart: diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml index 35160e4b13..c26bfe2fbb 100644 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ b/kubernetes/contrib/components/ejbca/values.yaml @@ -12,8 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. global: - readinessImage: onap/oom/readiness:3.0.1 - mariadbGalera: &mariadbGalera + mariadbGalera: &mariadbGalera #This flag allows EJBCA to instantiate its own mariadb-galera cluster localCluster: false service: mariadb-galera @@ -37,7 +36,6 @@ secrets: password: '{{ .Values.config.ejbca.clientIak }}' # application configuration -repository: nexus3.onap.org:10001 config: db: userName: ejbca diff --git a/kubernetes/contrib/components/netbox/Makefile b/kubernetes/contrib/components/netbox/Makefile index da18203981..4c79718d02 100644 --- a/kubernetes/contrib/components/netbox/Makefile +++ b/kubernetes/contrib/components/netbox/Makefile @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2020 Samsung Electronics # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,7 +11,41 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := dist resources templates charts docker HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) -make-netbox: - cd charts && $(HELM_BIN) dep up netbox-postgres && $(HELM_BIN) dep up netbox-nginx && $(HELM_BIN) dep up netbox-app +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/contrib/components/netbox/components/Makefile b/kubernetes/contrib/components/netbox/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/contrib/components/netbox/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore index f0c1319444..f0c1319444 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore +++ b/kubernetes/contrib/components/netbox/components/netbox-app/.helmignore diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml index 787bc4a971..787bc4a971 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/requirements.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/requirements.yaml new file mode 100755 index 0000000000..9a0c10d687 --- /dev/null +++ b/kubernetes/contrib/components/netbox/components/netbox-app/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py index 7d704ae762..7d704ae762 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/configuration.py diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py index c7d9f7b725..c7d9f7b725 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/gunicorn_config.py diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py index c7e0d3bee9..c7e0d3bee9 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/configuration/ldap_config.py diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml index c23e29a11d..c23e29a11d 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/custom_fields.yml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml index 1f4a5a7a6e..1f4a5a7a6e 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/groups.yml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml index 77d330beac..77d330beac 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/initializers/users.yml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh index 984801decb..984801decb 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/provisioning/provision.sh diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py index 7626058357..7626058357 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/00_users.py diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py index 7932874704..7932874704 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/10_groups.py diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py index 5c40e37bf2..5c40e37bf2 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py +++ b/kubernetes/contrib/components/netbox/components/netbox-app/resources/config/startup_scripts/20_custom_fields.py diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt index e70c418864..e70c418864 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/NOTES.txt diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml index f785478e1b..f785478e1b 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/configmap.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml index 0d401d870c..f1209cdb56 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.repository }}/{{ .Values.image }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml index ed6518ed1a..3b367a3d4a 100644 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/job.yaml @@ -35,7 +35,7 @@ spec: restartPolicy: Never initContainers: - name: {{ include "common.name" . }}-init-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /app/ready.py @@ -50,7 +50,7 @@ spec: fieldPath: metadata.namespace containers: - name: {{ include "common.name" . }}-provisioning-job - image: "{{ .Values.global.dockerHubRepository }}/{{ .Values.global.curlImage }}" + image: {{ include "repositoryGenerator.image.curl" . }} volumeMounts: - name: {{ include "common.fullname" . }}-provisioning mountPath: /tmp diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml index a61217fb94..a61217fb94 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pv.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml index 7e25a0f1ef..7e25a0f1ef 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/pvc.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml index c06bc5a333..c06bc5a333 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/secrets.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml index 74d1116f50..74d1116f50 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/templates/service.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml index ff02e27b9b..92f97c2620 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/values.yaml @@ -42,11 +42,7 @@ config: superuserName: admin superuserEmail: admin@onap.org - curlImage: curlimages/curl:7.69.1 - dockerHubRepository: docker.io - -repository: netboxcommunity -image: netbox:v2.5.8 +image: netboxcommunity/netbox:v2.5.8 # probe configuration parameters liveness: diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore index f0c1319444..f0c1319444 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/.helmignore +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/.helmignore diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml index 4abaa27365..4abaa27365 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/requirements.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/requirements.yaml new file mode 100755 index 0000000000..9a0c10d687 --- /dev/null +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/resources/config/nginx.conf b/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf index 2ef2aca3a1..2ef2aca3a1 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/resources/config/nginx.conf +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/resources/config/nginx.conf diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt index bd74a42cd5..bd74a42cd5 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/NOTES.txt +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/NOTES.txt diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml index 26242be8e2..26242be8e2 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/configmap.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/configmap.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml index 623e7fc2c1..7bdf46f252 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/deployment.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["nginx"] args: ["-c", "/etc/netbox-nginx/nginx.conf","-g", "daemon off;"] diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml index c01612e0f4..c01612e0f4 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/templates/service.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml index e94e50bc4f..de131d30d0 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/values.yaml @@ -22,7 +22,6 @@ global: # global defaults pullPolicy: Always # application image -repository: docker.io image: nginx:1.15-alpine pullPolicy: Always diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/.helmignore b/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore index f0c1319444..f0c1319444 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/.helmignore +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/.helmignore diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml index c439e1d580..c439e1d580 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/requirements.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/requirements.yaml new file mode 100755 index 0000000000..9a0c10d687 --- /dev/null +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/NOTES.txt b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt index bd74a42cd5..bd74a42cd5 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/NOTES.txt +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/NOTES.txt diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/configmap.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml index 9bc530577a..9bc530577a 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/configmap.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/configmap.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/deployment.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml index bfd3b39acc..2caddeba49 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/deployment.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/deployment.yaml @@ -37,7 +37,7 @@ spec: spec: containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml index 37d07f05a1..37d07f05a1 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pv.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pv.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml index 30da3add0d..30da3add0d 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pvc.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/pvc.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/service.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml index 75335884df..75335884df 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/service.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/templates/service.yaml diff --git a/kubernetes/contrib/components/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml index 1db2457171..572e23d53c 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-postgres/values.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/values.yaml @@ -21,7 +21,6 @@ global: # global defaults persistence: {} # application image -repository: docker.io image: postgres:10.4-alpine pullPolicy: Always diff --git a/kubernetes/contrib/components/netbox/requirements.yaml b/kubernetes/contrib/components/netbox/requirements.yaml index 6e0025e41c..29cf5e2770 100755 --- a/kubernetes/contrib/components/netbox/requirements.yaml +++ b/kubernetes/contrib/components/netbox/requirements.yaml @@ -15,4 +15,16 @@ dependencies: - name: common version: ~6.x-0 - repository: '@local'
\ No newline at end of file + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' + - name: netbox-app + version: ~6.x-0 + repository: 'file://components/netbox-app' + - name: netbox-nginx + version: ~6.x-0 + repository: 'file://components/netbox-nginx' + - name: netbox-postgres + version: ~6.x-0 + repository: 'file://components/netbox-postgres'
\ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/values.yaml b/kubernetes/contrib/components/netbox/values.yaml index 5dc4535ca3..04d2f27c7c 100755 --- a/kubernetes/contrib/components/netbox/values.yaml +++ b/kubernetes/contrib/components/netbox/values.yaml @@ -16,16 +16,13 @@ # Global configuration defaults. ################################################################# global: - readinessRepository: nexus3.onap.org:10001 nodePortPrefixExt: 304 commonConfigPrefix: netbox - readinessImage: onap/oom/readiness:3.0.1 ################################################################# # Application configuration defaults. ################################################################# # application image -repository: hub.docker.io pullPolicy: Always # default number of instances diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml index 1a76ba0a96..7640be64a6 100644 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml +++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/bind9dns/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: spec: containers: - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: DNS_FORWARDER diff --git a/kubernetes/contrib/requirements.yaml b/kubernetes/contrib/requirements.yaml index b1739312a7..7e60bfa991 100644 --- a/kubernetes/contrib/requirements.yaml +++ b/kubernetes/contrib/requirements.yaml @@ -28,3 +28,6 @@ dependencies: version: ~6.x-0 repository: 'file://components/netbox' condition: netbox.enabled + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/platform/components/oom-cert-service/Makefile b/kubernetes/platform/components/oom-cert-service/Makefile index c15fdc7a51..736a19fbd4 100644 --- a/kubernetes/platform/components/oom-cert-service/Makefile +++ b/kubernetes/platform/components/oom-cert-service/Makefile @@ -30,9 +30,9 @@ start_docker: $(eval REPOSITORY := $(shell cat ./values.yaml | grep -i "^[ \t]*repository" -m1 | xargs | cut -d ' ' -f2)) $(eval JAVA_IMAGE := $(shell cat ./values.yaml | grep -i "^[ \t]*certificateGenerationImage" -m1 | xargs | cut -d ' ' -f2)) $(eval FULL_JAVA_IMAGE := $(REPOSITORY)/$(JAVA_IMAGE)) - $(eval USER :=$(shell id -u)) + $(eval USERNAME :=$(shell id -u)) $(eval GROUP :=$(shell id -g)) - docker run --rm --name ${DOCKER_CONTAINER} --user "$(USER):$(GROUP)" --mount type=bind,source=${CURRENT_DIR}/${CERTS_DIR},target=/app -w /app --entrypoint "sh" -td $(FULL_JAVA_IMAGE) + docker run --rm --name ${DOCKER_CONTAINER} --user "$(USERNAME):$(GROUP)" --mount type=bind,source=${CURRENT_DIR}/${CERTS_DIR},target=/app -w /app --entrypoint "sh" -td $(FULL_JAVA_IMAGE) # Stops docker container for generating certificates. 'true' is used to return 0 status code, if container is already deleted stop_docker: diff --git a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml index 501125f99c..a2e3a48e25 100644 --- a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml @@ -18,7 +18,6 @@ apiVersion: apps/v1 kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - serviceName: "sdnc-web" replicas: {{ .Values.replicaCount }} selector: {{- include "common.selectors" . | nindent 4 }} template: diff --git a/kubernetes/contrib/components/awx/charts/awx/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml index 00dca3f62c..4b507c105a 100755 --- a/kubernetes/contrib/components/awx/charts/awx/Chart.yaml +++ b/kubernetes/so/components/so-cnf-adapter/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2019 Bell Canada +# Copyright © 2020 Huawei Technologies Co., Ltd. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,8 @@ # limitations under the License. apiVersion: v1 -description: Ansible AWX application -name: awx +appVersion: "1.7.1" +description: A Helm chart for Kubernetes +name: so-cnf-adapter version: 6.0.0 + diff --git a/kubernetes/so/components/so-cnf-adapter/requirements.yaml b/kubernetes/so/components/so-cnf-adapter/requirements.yaml new file mode 100755 index 0000000000..ecba826c68 --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/requirements.yaml @@ -0,0 +1,28 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + - name: repositoryGenerator + version: ~6.x-0 + repository: '@local' + - name: soHelpers + version: ~6.x-0 + repository: 'file://../soHelpers' + diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..c513589100 --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,50 @@ +{{/* +# Copyright © 2020 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +aai: + auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }} + endpoint: https://aai.{{ include "common.namespace" . }}:8443 +logging: + path: logs +spring: + security: + usercredentials: + - username: ${ACTUATOR_USERNAME} + password: ${ACTUATOR_PASSWORD} + role: ACTUATOR +server: + port: {{ index .Values.containerPort }} + tomcat: + max-threads: 50 +mso: + site-name: localSite + logPath: ./logs/cnf + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 +#Actuator +management: + endpoints: + web: + base-path: /manage + exposure: + include: "*" + metrics: + se-global-registry: false + export: + prometheus: + enabled: true # Whether exporting of metrics to Prometheus is enabled. + step: 1m # Step size (i.e. reporting frequency) to use. + diff --git a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml new file mode 100755 index 0000000000..c5ebec0b15 --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2020 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | nindent 2 }} +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} + ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +data: +{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..3c131321f3 --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml @@ -0,0 +1,132 @@ +{{/* +# Copyright © 2020 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: + selector: {{- include "common.selectors" . | nindent 4 }} + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: {{- include "common.labels" . | nindent 8 }} + spec: + initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} + - name: {{ include "common.name" . }}-encrypter + command: + - sh + args: + - -c + - | + java Crypto "${AAI_USERNAME}:${AAI_PASSWORD}" "${MSO_KEY}" > /output/.aai_creds + env: + - name: AAI_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "login") | indent 14 }} + - name: AAI_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "password") | indent 14 }} + - name: MSO_KEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnf-adapter-mso-key" "key" "password") | indent 14 }} + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.global.soCryptoImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: encoder + mountPath: /output + - name: {{ include "common.name" . }}-readiness + command: + - /app/ready.py + args: + - --job-name + - {{ include "common.release" . }}-so-mariadb-config-job + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: {{ include "repositoryGenerator.image.readiness" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + containers: + - name: {{ include "common.name" . }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} + command: + - sh + args: + - -c + - | + export AAF_BASE64=$(echo -n "${AAF_USERNAME}:${AAF_PASSWORD}" | base64) + export AAF_AUTH=$(echo "Basic ${AAF_BASE64}") + export AAI_AUTH=$(cat /input/.aai_creds) + {{- if .Values.global.aafEnabled }} + export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) + export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" + {{- if .Values.global.security.aaf.enabled }} + export KEYSTORE_PASSWORD="${cadi_keystore_password}" + {{- end }} + {{- end }} + ./start-app.sh + resources: {{ include "common.resources" . | nindent 12 }} + ports: {{- include "common.containerPorts" . | nindent 12 }} + env: + - name: AAF_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "login") | indent 14 }} + - name: AAF_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "password") | indent 14 }} + - name: ACTUATOR_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }} + - name: ACTUATOR_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }} + {{ include "so.certificates.env" . | indent 12 | trim }} + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-env + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} + - name: logs + mountPath: /app/logs + - name: config + mountPath: /app/config + readOnly: true + readOnly: true + - name: encoder + mountPath: /input + livenessProbe: + httpGet: + path: {{ index .Values.livenessProbe.path}} + port: {{ index .Values.containerPort }} + scheme: {{ index .Values.livenessProbe.scheme}} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + volumes: {{ include "so.certificate.volumes" . | nindent 8 }} + - name: logs + emptyDir: {} + - name: config + configMap: + name: {{ include "common.fullname" . }} + - name: encoder + emptyDir: + medium: Memory + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + diff --git a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml b/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml new file mode 100644 index 0000000000..dfeae804be --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml @@ -0,0 +1,18 @@ +{{/* +# Copyright © 2020 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.secretFast" . }} + diff --git a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml b/kubernetes/so/components/so-cnf-adapter/templates/service.yaml new file mode 100755 index 0000000000..0c34660a0e --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/templates/service.yaml @@ -0,0 +1,18 @@ +{{/* +# Copyright © 2020 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.service" . }} + diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml new file mode 100755 index 0000000000..0fdd4f2edf --- /dev/null +++ b/kubernetes/so/components/so-cnf-adapter/values.yaml @@ -0,0 +1,161 @@ +# Copyright © 2020 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + soCryptoImage: sdesbure/so_crypto:latest + persistence: + mountPath: /dockerdata-nfs + security: + aaf: + enabled: false + aaf: + auth: + header: ${AAF_AUTH} +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' + login: '{{ .Values.db.userName }}' + password: '{{ .Values.db.userPassword }}' + passwordPolicy: required + - uid: db-admin-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' + login: '{{ .Values.db.adminName }}' + password: '{{ .Values.db.adminPassword }}' + passwordPolicy: required + - uid: server-actuator-creds + name: '{{ include "common.release" . }}-so-cnf-actuator-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' + login: '{{ .Values.server.actuator.username }}' + password: '{{ .Values.server.actuator.password }}' + passwordPolicy: required + - uid: so-aaf-creds + name: '{{ include "common.release" . }}-so-cnf-aaf-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' + login: '{{ .Values.server.aaf.username }}' + password: '{{ .Values.server.aaf.password }}' + passwordPolicy: required + - uid: so-aai-creds + name: '{{ include "common.release" . }}-so-cnf-aai-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}' + login: '{{ .Values.server.aai.username }}' + password: '{{ .Values.server.aai.password }}' + passwordPolicy: required + - uid: cnf-adapter-mso-key + name: '{{ include "common.release" . }}-so-cnf-mso-key' + type: password + externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}' + password: '{{ .Values.mso.msoKey }}' +#secretsFilePaths: | +# - 'my file 1' +# - '{{ include "templateThatGeneratesFileName" . }}' +################################################################# +# Application configuration defaults. +################################################################# +image: onap/so/mso-cnf-adapter:1.7.1 +pullPolicy: Always +db: + userName: so_user + userPassword: so_User123 + # userCredsExternalSecret: some secret + adminName: so_admin + adminPassword: so_Admin123 + # adminCredsExternalSecret: some secret +server: + aaf: + username: so@so.onap.org + password: demo123456 + # aafCredsExternalSecret: some secret + aai: + username: aai@aai.onap.org + password: demo123456! + auth: ${AAI_AUTH} + # aaiCredsExternalSecret: some secret + actuator: + username: mso_admin + password: password1$ + # actuatorCredsExternalSecret: some secret +mso: + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 + # msoKeySecret: some secret + adapters: + requestDb: + auth: ${REQUEST_AUTH} +replicaCount: 1 +minReadySeconds: 10 +containerPort: &containerPort 8090 +logPath: ./logs/cnf/ +app: cnf-adapter +service: + type: ClusterIP + ports: + - name: http-api + port: *containerPort +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +soHelpers: + nameOverride: so-cnf-cert-init + certInitializer: + nameOverride: so-cnf-cert-init + credsPath: /opt/app/osaaf/local + cadi: + apiEnforcement: org.onap.so.openStackAdapterPerm + containerPort: *containerPort +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + memory: 4Gi + cpu: 2000m + requests: + memory: 1Gi + cpu: 500m + large: + limits: + memory: 8Gi + cpu: 4000m + requests: + memory: 2Gi + cpu: 1000m + unlimited: {} +livenessProbe: + path: /manage/health + port: 8090 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 +ingress: + enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} + diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 2e0a40610d..2b60a69589 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -42,6 +42,10 @@ dependencies: version: ~6.x-0 repository: 'file://components/so-catalog-db-adapter' condition: so-catalog-db-adapter.enabled + - name: so-cnf-adapter + version: ~6.x-0 + repository: "file://components/so-cnf-adapter" + condition: so-cnf-adapter.enabled - name: so-etsi-nfvo-ns-lcm version: ~6.x-0 repository: 'file://components/so-etsi-nfvo-ns-lcm' diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index efcf029fbc..efb3fab558 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -7,7 +7,7 @@ server: max-threads: 50 ssl-enable: false mso: - msoKey: {{ .Values.global.app.msoKey }} + msoKey: {{ .Values.mso.msoKey }} logPath: ./logs/apih site-name: {{ index .Values.global.app.siteName }} adapters: @@ -124,4 +124,4 @@ org: cloud-owner: CloudOwner adapters: network: - encryptionKey: {{ .Values.global.app.msoKey }} + encryptionKey: {{ .Values.mso.msoKey }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index de1918b7ae..358b104367 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -55,7 +55,7 @@ global: siteName: onapheat auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 + client: certs: truststore: /app/client/org.onap.so.trust.jks @@ -110,16 +110,44 @@ secrets: type: generic filePaths: - resources/config/certificates/msb-ca.crt - - uid: "mso-key" + - uid: 'mso-key' name: &mso-key '{{ include "common.release" . }}-mso-key' type: password - password: '{{ .Values.global.app.msoKey }}' + password: '{{ .Values.mso.msoKey }}' - uid: mso-oof-auth name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth' type: basicAuth login: '{{ .Values.mso.oof.login }}' password: '{{ .Values.mso.oof.password }}' passwordPolicy: required + - uid: server-actuator-creds + name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' + login: '{{ .Values.server.actuator.username }}' + password: '{{ .Values.server.actuator.password }}' + passwordPolicy: required + - uid: server-bpel-creds + name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}' + login: '{{ .Values.server.bpel.username }}' + password: '{{ .Values.server.bpel.password }}' + passwordPolicy: required + - uid: so-aaf-creds + name: &aaf-secrets '{{ include "common.release" . }}-so-server-aaf-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' + login: '{{ .Values.server.aaf.username }}' + password: '{{ .Values.server.aaf.password }}' + passwordPolicy: required + - uid: so-aai-creds + name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}' + login: '{{ .Values.server.aai.username }}' + password: '{{ .Values.server.aai.password }}' + passwordPolicy: required aafConfig: permission_user: 1000 @@ -142,6 +170,25 @@ dbCreds: adminName: so_admin image: onap/so/api-handler-infra:1.7.10 + +server: + aaf: + username: so@so.onap.org + password: demo123456 + # aafCredsExternalSecret: some secret + aai: + username: aai@aai.onap.org + password: demo123456! + # aaiCredsExternalSecret: some secret + actuator: + username: mso_admin + password: password1$ + # actuatorCredsExternalSecret: some secret + bpel: + username: bpel + password: password1$ + # bpelCredsExternalSecret: some secret + pullPolicy: Always replicaCount: 1 minReadySeconds: 10 @@ -230,6 +277,7 @@ mso: requestDb: auth: Basic YnBlbDpwYXNzd29yZDEk camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 sdc: client: auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24 @@ -247,6 +295,8 @@ mso: so-appc-orchestrator: enabled: false + server: + actuatorCredsExternalSecret: *actuator-secrets db: <<: *dbSecrets @@ -259,16 +309,53 @@ so-catalog-db-adapter: db: <<: *dbSecrets +so-cnf-adapter: + enabled: true + db: + <<: *dbSecrets + server: + aafCredsExternalSecret: *aaf-secrets + aaiCredsExternalSecret: *aai-secrets + actuatorCredsExternalSecret: *actuator-secrets + mso: + msoKeySecret: *mso-key + so-etsi-nfvo-ns-lcm: enabled: true db: <<: *dbSecrets +so-mariadb: + db: + rootPasswordExternalSecretLocalDb: *dbRootPassSecretName + rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}' + backupCredsExternalSecret: *dbBackupCredsSecretName + userCredsExternalSecret: *dbUserCredsSecretName + adminCredsExternalSecret: *dbAdminCredsSecretName + so-monitoring: enabled: true db: <<: *dbSecrets +so-nssmf-adapter: + enabled: true + server: + actuatorCredsExternalSecret: *actuator-secrets + bpelCredsExternalSecret: *bpel-secrets + db: + <<: *dbSecrets + +so-oof-adapter: + enabled: true + db: + <<: *dbSecrets + mso: + msoKeySecret: *mso-key + camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A + oof: + authSecret: *mso-oof-auth + so-openstack-adapter: enabled: true db: @@ -295,28 +382,6 @@ so-vfc-adapter: db: <<: *dbSecrets -so-nssmf-adapter: - enabled: true - db: - <<: *dbSecrets - -so-oof-adapter: - enabled: true - db: - <<: *dbSecrets - mso: - msoKeySecret: *mso-key - camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A - oof: - authSecret: *mso-oof-auth - so-vnfm-adapter: enabled: true -so-mariadb: - db: - rootPasswordExternalSecretLocalDb: *dbRootPassSecretName - rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}' - backupCredsExternalSecret: *dbBackupCredsSecretName - userCredsExternalSecret: *dbUserCredsSecretName - adminCredsExternalSecret: *dbAdminCredsSecretName |